-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathHikBrute.py
executable file
·95 lines (75 loc) · 2.65 KB
/
HikBrute.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#!/usr/bin/env python
# -==[ Hikvision DVR Brute forcer - V 1.0 ]==-
# -==[ Author : XD4rker ]==-
#
# Copyright 2015 XD4rker
#
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import httplib2, sys, os.path, signal, hashlib, json, re
if len(sys.argv) == 1:
print "\nUsage: ./script.py {WORDLIST_PATH} {COUNTRY_CODE}\n"
sys.exit()
if not os.path.isfile(sys.argv[1]):
print "Error: File doesn't exist"
sys.exit()
def GetIP(source):
regex="var url='(.+?)';"
pattern=re.compile(regex)
url = re.findall(pattern,source)
ip = re.findall('[0-9]+(?:\.[0-9]+){3}', url[0])
return ip[0]
def GetLocation(ip):
h = httplib2.Http(timeout=100)
link = "http://www.ipinfo.io/"+ip.rstrip()
resp = h.request(link, headers={'Accept':'application/json'})
content = resp[1]
json_decoded = json.loads(content)
info = [ json_decoded['country'], json_decoded['city'] ]
info = map(str, info)
return info
HEADER = "\033[95m"
BLUE = "\033[94m"
GREEN = "\033[92m"
ENDLINE = "\033[0m"
INFO = "[+]"
ERROR = "[-]"
hostCount = 0;
NotRegistered = "75df0ef069c0dd3f0ccde6e4d7eabe87"
NullRedirect = "eb503a81d7f04f9b4537d0bd67b5c9db"
wordlist_path = sys.argv[1]
f = open(wordlist_path)
lines = f.readlines()
f.close()
h = httplib2.Http(timeout=100)
print "\n" + HEADER + BLUE + INFO + ENDLINE + " " + "Using file : "+wordlist_path+"\n"
for i in range(len(lines)):
link = "http://www.hiddns.com/"+lines[i].rstrip()
try:
resp = h.request(link, "GET")
content = resp[1]
checksum = hashlib.md5(content).hexdigest()
if (checksum != NotRegistered) & (checksum != NullRedirect):
Addr = GetIP(content)
Location = GetLocation(Addr)
if len(sys.argv) == 3:
if sys.argv[2] == Location[0]:
print HEADER + BLUE + INFO + ENDLINE + " " + link + " \t->\t" + Addr + "\t" + Location[0] + " - " + Location[1]
hostCount += 1;
else:
print HEADER + BLUE + INFO + ENDLINE + " " + link + " \t->\t" + Addr + "\t" + Location[0] + " - " + Location[1]
hostCount += 1;
except KeyboardInterrupt:
print "\n" + HEADER + GREEN + ERROR + ENDLINE + " You pressed Ctrl+C ! Aborting ...\n";
sys.exit()
print "\n" + HEADER + GREEN + INFO + ENDLINE + " " + str(hostCount) + " total Hosts were found\n";